USN-839-1: Samba vulnerabilities

1 October 2009

samba vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 9.04
  • Ubuntu 8.10
  • Ubuntu 8.04 LTS
  • Ubuntu 6.06 LTS

Software Description

  • samba

Details

J. David Hester discovered that Samba incorrectly handled users that lack home directories when the automated [homes] share is enabled. An authenticated user could connect to that share name and gain access to the whole filesystem. (CVE-2009-2813)

Tim Prouty discovered that the smbd daemon in Samba incorrectly handled certain unexpected network replies. A remote attacker could send malicious replies to the server and cause smbd to use all available CPU, leading to a denial of service. (CVE-2009-2906)

Ronald Volgers discovered that the mount.cifs utility, when installed as a setuid program, would not verify user permissions before opening a credentials file. A local user could exploit this to use or read the contents of unauthorized credential files. (CVE-2009-2948)

Reinhard Ni├čl discovered that the smbclient utility contained format string vulnerabilities in its file name handling. Because of security features in Ubuntu, exploitation of this vulnerability is limited. If a user or automated system were tricked into processing a specially crafted file name, smbclient could be made to crash, possibly leading to a denial of service. This only affected Ubuntu 8.10. (CVE-2009-1886)

Jeremy Allison discovered that the smbd daemon in Samba incorrectly handled permissions to modify access control lists when dos filemode is enabled. A remote attacker could exploit this to modify access control lists. This only affected Ubuntu 8.10 and Ubuntu 9.04. (CVE-2009-1886)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 9.04
samba - 2:3.3.2-1ubuntu3.2
smbfs - 2:3.3.2-1ubuntu3.2
Ubuntu 8.10
samba - 2:3.2.3-1ubuntu3.6
smbclient - 2:3.2.3-1ubuntu3.6
smbfs - 2:3.2.3-1ubuntu3.6
Ubuntu 8.04 LTS
samba - 3.0.28a-1ubuntu4.9
smbfs - 3.0.28a-1ubuntu4.9
Ubuntu 6.06 LTS
samba - 3.0.22-1ubuntu3.9
smbfs - 3.0.22-1ubuntu3.9

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system upgrade is sufficient to effect the necessary changes.

References